On Wednesday, Apr 4th 2007 at 18:04 -0700, quoth ts-dev: =>Is it possible to prevent modification of a python file once its been =>deployed? File permissions of the OS could be used..but that doesn't =>seem very secure. => =>The root of my question is verifying the integrity of the application =>and the scripts being run. Is this possible, if so, how?
I'm going to take a stab at this one even though I'm a really junior pythonian. I know others have already responded, but I'd like to offer a couple of suggestions that have nothing to do with python. (BTW, I do applaud the previous answers that suggest that this is really a non-problem in the first place.) 1. *IF* you are on a linux target platform then it's likely that you have a package management system in use, either rpm or deb. In either case, you have the ability to verify by checksum, every file of any package. In the case of rpm, just use the -V option. 2. You also have the ability to set the immutable flag on ext2/ext3 filesystems. See lsattr/chattr commands. Of course, if you can get root access then you can shut off immutability, but you can also replace your package management tools as well. AAAUUUGGGHHH!!! -- Time flies like the wind. Fruit flies like a banana. Stranger things have .0. happened but none stranger than this. Does your driver's license say Organ ..0 Donor?Black holes are where God divided by zero. Listen to me! We are all- 000 individuals! What if this weren't a hypothetical question? steveo at syslang.net -- http://mail.python.org/mailman/listinfo/python-list